This article is more than six months old

Crypto hackers are changing their tactics as 2023 heist haul plunges

Crypto hackers are changing their tactics as 2023 heist haul plunges
Cybercriminals have stolen over $1 billion in hacks targeting the crypto industry in 2023.
  • More than $1 billion has been stolen in crypto hacks so far in 2023, down from the record $3 billion in 2022.
  • Still, the number of incidents has increased, so the decline in value may have more to do with a diminished crypto market than with digital thugs leaving.
  • The larger number of heists raises questions about the industry’s safeguards against crime.

First, the good news.

Cybercriminals have stolen $1 billion across 75 crypto hacks so far in 2023, according to new data from DefiLlama.

The total amount stolen represents a significant drop from 2022, when digital thugs stole north of $3.2 billion across 60 hacks.

Now for the bad news.

The fall in the amount stolen is not due to hackers turning away from crypto or stronger defences erected by protocols. Rather, it’s the market.

“[Declines] in the value stolen during 2023 are a function of prevailing market prices for the assets in question,” Eric Jardine, cybercrime research lead at crypto research firm Chainalysis, told DL News.

“Stealing 100 Ethereum at its peak value is different in USD or Euro-denominated terms than stealing the same amount at its recent bear market low.”

In other words, the price of Bitcoin and Ether crashed and haven’t recovered their 2022 highs, so the value of the amount stolen also dropped, even as the number of heists increased.

Join the community to get our latest stories and updates
The amount stolen from crypto hacks.

Crypto’s reputation is already marred by numerous scandals and critics blaming it for enabling criminals to steal and launder money — and even to fund North Korea’s nuclear programmes.

Industry observers say the amount stolen raises questions about the sector’s security and lack of proper regulation.

Cybersecurity experts also warn that a proliferation of smaller hacks may presage more heists in the future.

“If people choose to continue to store their money in cryptocurrencies, the attraction to target these platforms that act like banks — but without higher up protection — will thrive,” Jake Moore, global cybersecurity adviser at cybersecurity firm ESET, told DL News.

Smaller but more frequent heists

The cybercriminals who stole $200 million from Hong Kong-backed crypto network Mixin on September 23 committed the biggest hack so far in 2023, edging the $197 million attack on Euler Finance in March into second place, according to DefiLlama data.

Tellingly, however, it was the much smaller $8 million heist against crypto exchange HTX a few days later that pushed the total amount stolen over the $1 billion mark.

That incident highlighted a trend of criminals launching smaller but more frequent heists. Of the 75 incidents recorded in 2023, only 11 saw outlaws steal more than $10 million.

“It is important to bear in mind that hacks tend to be prone to outlier events,” Jardaine said. “So even though the total amount of value stolen so far this year is less than last year, this is subject to change as a result of just one or two major incidents.”

While large incidents — such as the $126 million Multichain hack and the $100 million Atomic Wallet heist — have grabbed the headlines, few media outlets picked up on the smaller ones.

Moore warned that smaller hacks don’t get as much media attention, which could embolden criminals to attempt them.

Call for clear rules

Both cybersecurity experts and market watchers are calling for well-defined rules to regulate the industry.

“As the value of crypto assets that have been stolen in hacking incidents yet again crosses over the $1 billion mark, this raises several issues that remain critically important for the industry to solve,” Sean Stein Smith, an academic who serves on the Wall Street Blockchain Alliance’s advisory board, told DL News.

He called for “institutions seeking to offer custodial services” to be reviewed with the same level of scrutiny as traditional finance firms.

“Crypto assets are, at the end of the day, financial instruments and should be viewed as such,” Smith said.

Both he and Moore also called for more education on how consumers can protect their assets.

“Time and again, investors have suffered not only from institutional shortcomings, but from a lack of understanding the crypto market,” Stein said.

Shifting tactics

The DefiLlama data only reflects hacks and exploits, though criminals have more tools in their arsenal.

In July, a Chainalysis report showed that online extortionists are on track to steal almost $900 million in 2023, making it the second-worst year for ransomware crime ever.

Cybercrime gangs — such as the North Korea-linked Lazarus Group — often demand payment in crypto to return access to compromised files to victims.

The report also revealed that individual transfers to impersonation scam addresses jumped by 49% in the first half of 2023, compared with the same period last year.

This suggests that more people fell victim to fraudsters impersonating law enforcement or other authorities to extort money from victims.

UK, US and Canadian regulators have warned that scammers use the names of real and fake authorities in their cons.

Eric Johansson is DL News’ London-based news editor. Got a tip? Email him at